«

Hi all,

here is my setup: 1 Windows 2003 server that hosts, DNS, DHCP, AD, CA, and
IAS; 2) 1 windows xp client with SP2; 3) one DLINK 524 wireless router

Now i have setup my router to forward all wireless access attempts to my IAS
(Radius Server). I setup the CA to issue computer Certificates as well as
user Certificates. Now on the windows xp machine i removed both user cert
and computer cert, and i attempted to logon on to my wireless access point
and i connected without a problem. Now my question is, since i removed both
certs off the computer, i shouldnt have been able to connect to the WAP
because i was missing those Certificates. Why was i able to connect without
it failing to authenticate?

What method of authentication are you using? If you are using PEAP mschapV2,
your client does not require a computer certificate or user certificate. It
only requires you to download the root CA cert. This is configured through
GPO or manually through WZC. You will automatically pass through if it sees
you have the root cert installed and your credentials are seen in AD.

"Knowledge Hungry" wrote:

> Hi all,
>
> here is my setup: 1 Windows 2003 server that hosts, DNS, DHCP, AD, CA, and
> IAS; 2) 1 windows xp client with SP2; 3) one DLINK 524 wireless router
>
> Now i have setup my router to forward all wireless access attempts to my IAS
> (Radius Server). I setup the CA to issue computer Certificates as well as
> user Certificates. Now on the windows xp machine i removed both user cert
> and computer cert, and i attempted to logon on to my wireless access point
> and i connected without a problem. Now my question is, since i removed both
> certs off the computer, i shouldnt have been able to connect to the WAP
> because i was missing those Certificates. Why was i able to connect without
> it failing to authenticate?
>
>
>